[Dude111]

These days it seems as though everybody is a computer security expert or needs to be anyway.

Picking a good strong password is always a challenge,and there are many online services that will generate you a very strong password with letters,numbers,misc characters ($%*&#@!),etc,but did you know Windows XP has a built-in password generator of its own?

The folks over at Microsoft didnt really make this feature very obvious to find,namely as it is more of a computer administrator tool than for something a regular joe would need.

Something like this would be very useful especially if you share a single PC or have a number of computers on a network which contain sensitive data,or with the potential for its security to be breached.

So how do you find and use it? Simple:

Go to Run on the Start menu and type 'cmd' (without the quotes)

A dos command prompt window will open.

At the command prompt type 'net user administrator/random' (without the quotes)

Based upon Windows XPs security rules,it will generate you a fairly solid password for you to use,that will at least be harder to crack than an egg on a sunday morning!

Might work on Vista,etc......

When i try it on Win98se it says i dont have "NET.MSG" or "NETH.MSG" .. Might look for those files and try it

[GigaWatt]

looks like it doesn't work... :S... the syntax of the command is wrong and it returns back that "random" is not one of the available switches for the command, just "delete", "add" and "domain"... has anyone else tried this...?

[Takaharu]

Our password policy at work (which was set by me to follow PCI compliance) is to have a password that is at least 8 characters and meet Windows' password complexity requirements. This means it has to be made up of three of the following four categories:
- Upper-case letters
- Lower-case letters
- Numerical (0-9)
- Non-alphanumeric
Also, it cannot contain more than three consecutive characters from the user name.

So, generally, if someone can't think of a password we tell them to think of a word, start it with a capital letter and end it in a number. Then, after 90 days, increment that number when you need to change it. If they can't think of an 8-letter word I point out the company that they work for or the primary application that they use. The logon screen has been customised to replace the XP logo with the company logo but nobody actually thinks to look at it for an idea for a password.
If you're setting an admin's password, however, it's generally good practise to use all four categories and make the password a little over the minimum length. Naturally, that makes it harder to crack.

Thing is, if you use a random password generator it's going to take a long time to remember it. Random passwords are strongly advised against as people can be prone to writing down the password whilst in the process of trying to remember it or, if they forget a character or two, can have their account locked out by entering it incorrectly too many times.

[GigaWatt]

Quote:

Originally Posted by Takaharu

Thing is, if you use a random password generator it's going to take a long time to remember it. Random passwords are strongly advised against as people can be prone to writing down the password whilst in the process of trying to remember it or, if they forget a character or two, can have their account locked out by entering it incorrectly too many times.

that's true, i wouldn't recommend anyone to use a randomly generated password...

the thing that interested me was, does this command really work... i mean, the /random switch is wrong, the command has no random switch (as it clearly points out when you try to use the switch in cmd)... maybe there is some hidden feature that we don't know about, but i don't think that this is the way to use it...

i tried the command with the switch in Server 2003 with only one admin account (with a pass on it) and no guest account (guest accounts disabled), and XP SP2 (on a VM) with guest accounts enabled and only one admin account (no passes on both of them)... didn't work on either of them... :S